Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2011-12-15 07:51:19
PHP
Alexander, 2011-12-15 07:51:19

How to get rid of XSS from a remote page in a frame?

To simplify the example, I will give the following code

. There is a form on the page:

<form id='send' action='../lib/getpage.php' method='post' target='getpage'><br>
       <input id='url' name='url' type='text' value=''><br>
</form><br>

Which betrays the getpage.php file into a frame:
<iframe id='getpage' name='getpage' src='' class='autoHeight' frameborder='0' scrolling='auto'></iframe><br>

The getpage.php file itself produces the page body:
<?<br>
       $url = $_POST['url'];<br>
       $page = file_get_html($url);<br>
       echo $page;<br>
?><br>


If the deleted page contains XSS code, will it affect my site and if so, how to get rid of it?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexander, 2011-12-15
@cry_san

and if just cut out all possible xss in $page before output in getpage.php?

Similar questions
S
Sergey2017-09-22 21:50:12
How to restrict user access to disks on Windows 10? 1Reply
H
heartdevil2017-10-06 10:57:04
How to mathematically write "a sequence of adjacent elements (numbers)"? 2Reply
B
bobs322020-02-29 02:16:43
How to convert Russian time to datetime correctly? 3Reply
L
leni_m2017-10-16 18:09:15
MVC routing in php? 2Reply
A
avr19722017-10-18 14:49:36
How to make a portfolio for a beginner web studio? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question